﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using NetCoreCMS.Common;
using NetCoreCMS.Models;

namespace NetCoreCMS.Web.Areas.WebApi.Controllers
{
    public class User_Password_EditController : UserController
    {
        [Authorize]
        [HttpGet]
        public IActionResult Get(string oldpassword, string password)
        {
            //检查用户是否登录
            Users model = GetUserInfo();
            if (model == null)
            {
                return Ok(new { status = 0, msg = "温馨提示：用户尚未登录或已超时！" });
            }
            //检查输入的旧密码
            if (string.IsNullOrEmpty(oldpassword))
            {
                return Ok(new { status = 0, msg = "温馨提示：请输入您的旧登录密码！" });
            }
            //检查输入的新密码
            if (string.IsNullOrEmpty(password))
            {
                return Ok(new { status = 0, msg = "温馨提示：请输入您的新登录密码！" });
            }
            //旧密码是否正确
            if (model.password != AESEncryptHelper.Encode(oldpassword, model.salt))
            {
                return Ok(new { status = 0, msg = "温馨提示：您输入的旧密码不正确！" });
            }
            //执行修改操作
            model.password = AESEncryptHelper.Encode(password, model.salt);
            _users.Update(model);
            return Ok(new { status = 1, msg = "您的密码已修改成功，请记住新密码！" });
        }
    }
}